GoSecure Blog

Tom Bain

Recent Posts

In last week’s blog, we discussed why critical malware security infrastructure is a prime target. To recap, targeted malware attacks on critical infrastructure will continue to occur solely based on the political and economic ramifications that ensue following the incident. Political, economic and financial drivers are all motivating factors behind attacks of this nature.

Truth #3: No Organization – critical infrastructure providers included – can keep up with the onslaught of new malware attacks and APTs.

Earlier this month, we introduced you to the beginning of a blog series based on impending security threats to our nation’s critical infrastructure establishments. This content has been developed into a list of “Truths” that will help critical infrastructure owners and stakeholders better protect themselves from escalating cyber threats. On January 15th we discussed the first truth, “‘Air Gaps’ Do Not Provide Infallible Protection Against Cyber Threats and APTs.”

According to research published on March 12, 2013 by James R. Clapper, the Director of National Intelligence, “We are in a major transformation because our critical infrastructures, economy, personal lives and even basic understanding of – and interaction with – the world are becoming more intertwined with digital technologies and the Internet. In some cases, the world is applying digital technologies faster than our ability to understand the security implications and mitigate potential risks.”

What was once considered unthinkable is now a reality; real-life cyber attacks on critical infrastructure have taken center stage in the past few years. Rapidly changing technologies, evolving cyber threats and advanced, targeted malware have catapulted cyber security of real-world infrastructure from an academic backwater to a top government and industry priority. From power plants to water treatment sites, from traffic control systems to financial systems, all critical infrastructure that was once thought invulnerable to targeted cyber attacks now lies squarely in the crosshairs of nation states as well as individual hackers.

It’s typical at this time of year to look back at the previous year’s data breaches and high-profile exploits, and say things got worse. However, in 2014, things really did get worse from the standpoint of damage to some of the biggest organizations globally.

From the direct impact on enterprises to the direct impact on consumers in the wake of retail industry breaches, and from the indirect impact on businesses, like wasted time cycles, downtime and mis-allocated resources, to the indirect overall impact felt by consumers, like NOT making purchases at specific retail stores or websites, or perhaps NOT investing money or doing business with financial organizations based on a security breach, we all felt the pain.

We've seen enormous swings financially, and in confidence of organizations, attributed to this year's attacks. But it’s not really just about the attacks. They are going to happen. I'd argue that it's more about the nexus of forces around the way organizations and employees are computing, and the devices that are used (endpoints) for multiple purposes within the corporate network.

We may have hit a ‘data breach fatigue’ saturation point across the market as of late, but there were a few other security vulnerability stories swirling this past week that seemed to deviate from the standard reports.

One thing that comes to mind with respect to medical devices with internet connectivity is that devices, like any other technology, have evolved. Medical devices are now programmable, configurable and are more advanced to accommodate so many patient conditions, complete with automation, data collection and storage requirements.

It’s only so often that you can attend a conference with the dominant theme being the Zombie Apocalypse.

And no more fitting location than Atlanta, where it all started for the ‘Walking Dead.’ Yes, the walkers took Atlanta first and swarmed in an outward fashion from there to swarm the rest of the world for complete domination.

I've been attending the Inbound Conference, hosted by HubSpot this week, to brush up on a few things in my discipline (Marketing). Speakers present new Marketing strategies, and mainly inspiration for Marketers to find truly different ways to communicate to audiences. Every session focuses on specific tactics, like blogging or email or telling better stories.

Another day, another data breach. I'd like to offer two opinions with respect to breaches we read about regularly.

1) It's really not about the data with some data breaches - it's about the money.

2) Why is it that so many organizations don't take a proactive, continuous stance in protecting their assets? You don't have to wait for a post-breach malware analysis forensics investigation to understand what went wrong.

It was reported late yesterday that Community Health Systems experienced a data breach that impacted 4.5M customers across potentially 28 states. This malware attack is in fact interesting, given that the same attackers have been linked to pilfering trade secrets within the healthcare industry in previous successful hacks. By all accounts, it looks like the attackers used some targeted malware attacks to break into Community Health Systems to steal patient data, and not exactly IP that ultimately may get sold to China.